Page Menu
Home
GRNET
Search
Configure Global Search
Log In
Files
F460988
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sat, May 17, 9:59 PM
Size
4 KB
Mime Type
text/x-diff
Expires
Mon, May 19, 9:59 PM (4 h, 18 m)
Engine
blob
Format
Raw Data
Handle
220031
Attached To
rWEBDNS WebDNS (edet4)
View Options
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 2a918d8..54d6aa0 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,39 +1,45 @@
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
attr_writer :breadcrumb
helper_method :admin?
def admin?
- params.key?(:admin)
+ not params.key?(:user)
+ end
+
+ def admin_only!
+ return if admin?
+
+ redirect_to root_path, alert: 'Admin only area!'
end
private
def group
@group ||= group_scope.find(params[:group_id] || params[:id])
end
def domain
@domain ||= domain_scope.find(params[:domain_id] || params[:id])
end
def record
@record ||= record_scope.find(params[:record_id] || params[:id])
end
def group_scope
- @group_scope ||= current_user.groups
+ @group_scope ||= admin? ? Group.all : current_user.groups
end
def domain_scope
- @domain_scope ||= Domain.where(group: group_scope)
+ @domain_scope ||= admin? ? Domain.all : Domain.where(group: group_scope)
end
def record_scope
@record_scope ||= domain.records
end
end
diff --git a/app/views/shared/_nav.html.erb b/app/views/shared/_nav.html.erb
index 03e23cc..cd40a8e 100644
--- a/app/views/shared/_nav.html.erb
+++ b/app/views/shared/_nav.html.erb
@@ -1,35 +1,38 @@
<!-- Fixed navbar -->
<nav class="navbar navbar-inverse navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="/">Base</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="nav navbar-nav">
<li class="active"><a href="/domains">Domains</a></li>
<li><a href="/contact">Contact</a></li>
+ <% if admin? %>
+ <li><a href="/admin/">Admin</a></li>
+ <% end %>
<% if user_signed_in? %>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
<%= current_user.try(:email) %>
<span class="caret"></span>
</a>
<ul class="dropdown-menu">
<li><%= link_to('Logout', destroy_user_session_path, method: :delete) %></li>
<li class="divider"></li>
<li class="dropdown-header">Profile</li>
<li><%= link_to('Change Password', edit_user_registration_path) %></li>
<li><a href="#">Edit</a></li>
</ul>
</li>
<% end %>
</ul>
</div><!--/.nav-collapse -->
</div>
</nav>
diff --git a/config/routes.rb b/config/routes.rb
index 7ef49f0..11badcc 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,31 +1,35 @@
Rails.application.routes.draw do
# Override devise user removal
devise_scope :users do
delete :users, to: redirect('/')
end
devise_for :users
root to: redirect('/domains')
resources :groups, only: [:show] do
get :search_member,
to: 'groups#search_member', on: :member
post :members,
to: 'groups#create_member', as: :create_member, on: :member
delete 'member/:user_id',
to: 'groups#destroy_member', as: :destroy_member, on: :member
end
resources :domains do
resources :records, except: [:index, :show] do
# Reuse records#update instead of introducing new controller actions
#
# rubocop:disable Style/AlignHash
put :disable, to: 'records#update', on: :member,
defaults: { record: { disabled: true } }
put :enable, to: 'records#update', on: :member,
defaults: { record: { disabled: false } }
# rubocop:enable Style/AlignHash
end
end
+
+ # Admin
+ namespace :admin do
+ end
end
Event Timeline
Log In to Comment